package ca.concordia.soen6461.wichf.ui.web;

import java.io.IOException;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import ca.concordia.soen6461.wichf.controller.Session;
import ca.concordia.soen6461.wichf.dao.UserDao;
import ca.concordia.soen6461.wichf.dao.mem.UserMemDao;
import ca.concordia.soen6461.wichf.entity.User;
import ca.concordia.soen6461.wichf.entity.User.Role;

public class AuthenticationServlet extends HttpServlet {

	private static final long serialVersionUID = -516738247980143767L;
	
	private UserDao userDao = new UserMemDao();

	public AuthenticationServlet() {
	}

	@Override
	protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
		doHandle(req, resp);
	}
	
	@Override
	protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
		doHandle(req, resp);
	}
	
	private void doHandle(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
		Session session = getSession(req);
		User user = session.get(User.class);
		String event = getEvent(req);
		String path;
		if ("login".equals(event)) {
			path = authenticate(req, session);
		} else if ("register".equals(event)) {
			path = register(req, session);
		} else if ("logout".equals(event)) {
			path =  logoff(req,session);
		} else if (user == null) {
			path = "/login.jsp";
		} else {
			path = "/controller";
		}
		getServletContext().getRequestDispatcher(path).forward(req, resp);
	}

	private String getEvent(HttpServletRequest req) {
		String eventType = req.getParameter("event");
		for (String parameter : req.getParameterMap().keySet()) {
			if (
				"login".equals(parameter) ||
				"logout".equals(parameter) ||
				"register".equals(parameter)
			) {
				eventType = parameter;
				break;
			}
		}
		return eventType;
	}

	private String register(HttpServletRequest req, Session session) {
		String path;
		String id = req.getParameter("uname");
		String name = req.getParameter("name");
		String password = req.getParameter("pass");
		User user = userDao.load(id);
		if (user == null) {
			user = new User();
			user.setId(id);
			user.setPassword(password);
			user.setName(name);
			user.getRoles().add(Role.PATIENT);
			userDao.save(user);
			path = "/controller";
		} else {
			req.setAttribute("message", "User name is already taken.");
			path = "/register.jsp";
		}
		session.keep(user);
		return path;
	}

	private String authenticate(HttpServletRequest req, Session session) {
		String path;
		String id = req.getParameter("uname");
		String password = req.getParameter("pass");
		User user = userDao.load(id);
		if (user == null || !user.getPassword().equals(password)) {
			req.setAttribute("message", "Invalid user name or passowrd.");
			path = "/login.jsp";
		} else {
			session.keep(user);
			path = "/controller";
		}
		return path;
	}
	
	private String logoff(HttpServletRequest req, Session session) {	
		String path = "/login.jsp";
		session.drop(User.class);
		session.getViewStack().goHome();
		return path;		
	}
	
	protected Session getSession(HttpServletRequest req) {
		Session session = (Session) req.getSession().getAttribute("session");
		if (session == null) {
			session = new Session();
			req.getSession().setAttribute("session", session);
		}
		return session;
	}

}
